GHSA-J7QP-MFXF-8XJW libp2p DoS vulnerability from lack of resource management

Impact Versions older than v0.18.0 of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed ...

TP-LINK TL-WR740N 资源管理错误漏洞

The TP-LINK TL-WR740N is a wireless router from China P&L TP-LINK. The TP-LINK TL-WR740N suffers from a Resource Management Error vulnerability that stems from an unknown function of the component ARP handler that manipulates to cause resource consumption...

CLSA-2022-1669241032 Fix CVE(s): CVE-2022-45061

SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061-v2.7.patch: Fix quadratic time idna decoding - CVE-2022-45061 Make tests to be compatible with expat 2.1.0 from tuxcare.els: - debian/patches/expat-regression-v2.7.patch: Make test suite support Expat =2.4.5...

TikTok: Remotely Accessible Container Advisor exposed performance metrics and resource usage

A vulnerability was found that caused cAdvisor Container Advisor to be publicly accessible through an 8080 port. We thank @tw4v3sx for reporting this to our team...

The vulnerability of the hvc_xen component (console) of the Xen hypervisor allows a attacker to cause a service failure.

The vulnerability of the hvcxen component console of the Xen hypervisor is related to an uncontrolled resource consumption. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2022-34661

A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP 资源管理错误漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP2 profile, which stems from the fact that when configuring the...

F5 BIG-IP 资源管理错误漏洞

NGINX Instance Manager NIM is part of F5's NGINX Management Suite NMS.The NIM module provides a REST API that uses standard authentication methods and HTTP response code, among other things.A denial of service vulnerability exists in F5 NGINX Instance Manager, which stems from a When using NGINX...

Fedora: Security Advisory for cadvisor (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: cadvisor-0.44.1-4.fc36

cAdvisor Container Advisor provides container users an understanding of the resource usage and performance characteristics of their running containers. It is a running daemon that collects, aggregates, processes, and exports information about running containers. Specifically, for each container i...

[SECURITY] Fedora 35 Update: cadvisor-0.44.1-3.fc35

cAdvisor Container Advisor provides container users an understanding of the resource usage and performance characteristics of their running containers. It is a running daemon that collects, aggregates, processes, and exports information about running containers. Specifically, for each container i...

Fedora: Security Advisory for cadvisor (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: cadvisor-0.44.1-3.fc36

cAdvisor Container Advisor provides container users an understanding of the resource usage and performance characteristics of their running containers. It is a running daemon that collects, aggregates, processes, and exports information about running containers. Specifically, for each container i...

Denial of Service (DoS)

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when creating HTTPS web requests while building X509 certificate chains. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

DEBIAN-CVE-2021-33135

Uncontrolled resource consumption in the Linux kernel drivers for IntelR SGX may allow an authenticated user to potentially enable denial of service via local access...

dotnet: malicious content causes high CPU and memory usage

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

CVE-2022-27181

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured with APM AAA...